CVE-2021-39793

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a function kbase jd user buf pin pages in mali kbase mem.c, which is part of the graphics processor driver in Android operating system for Google Pixel devices. It involves an out-of-bounds write in memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android kernel, apply the necessary patch to fix the logic error in the kbase jd user buf pin pages function to prevent out-of-bounds write. As a temporary workaround, consider restricting access to the mali kbase mem.c module to minimize the risk of exploitation.